MY guess based on my interpretation of privacy and proposed security is
that if the email goes out on the internet it must be encrypted (if it
contains IIHI (PHI)). Winzip w/password protection would not meet this
criteria.
Wes A. More, CISSP, CISA, CBM
Data Security Supervisor
Computer Sciences Corporation
Global Infrastructure Services/Global Information Security Services
1 CSC Way
Rensselaer, NY 12144
(518) 257-4206
(518) 257-4300 (fax)
(518) 421 3786 (cell)
[EMAIL PROTECTED]
[EMAIL PROTECTED] (email to cell)
NYCM 11/03/2002
CONFIDENTIALITY NOTICE
The information in this message(and the documents attached to it, if any)
is confidential and may be legally privileged. It is intended solely for
the addressee. Access to this message by anyone else is unauthorized. If
you are not the intended recipient, any disclosure, copying, distribution
or any action taken, or omitted to be taken in reliance on it is prohibited
and may be unlawful. If you have received this message in error, please
delete all electronic copies of this message (and the documents attached to
it, if any), destroy any hard copies you may have created and notify me
immediately.
Fify Taslim
<FTaslim To: "'[EMAIL PROTECTED]'"
<[EMAIL PROTECTED]>,
@care1st.com> "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>,
"'[EMAIL PROTECTED]'"
<[EMAIL PROTECTED]>
09/30/2002 cc:
02:39 PM Subject: Winzip & password and e-mail
Winzip & password and e-mail
Hello all,
Thank you in advance for all your valuable the responds.
I have Privacy issue question today. Is this scenario still HIPAA compliant
or not allowed at all?� Scenario: sending daily file containing member PHI
through e-mail. The file are zipped [Winzip]and password protected, and no
encryption were done.
Any suggestion/recommendation to HIPAA compliance are welcome.
Regards,
Fify Taslim, MD, MBA
Care1st Health Plan
Compliance Specialist/HIPAA Coordinator
Ph. (626) 299-4299 ex.376
Fx. (626) 628-3263
E-mail: [EMAIL PROTECTED]
**********************************************************************
To be removed from this list, go to:
http://snip.wedi.org/unsubscribe.cfm?listusiness
and enter your email address.
The WEDI SNIP listserv to which you are subscribed is not moderated. The
discussions on this listserv therefore represent the views of the
individual
participants, and do not necessarily represent the views of the WEDI Board
of
Directors nor WEDI SNIP. If you wish to receive an official opinion, post
your question to the WEDI SNIP Issues Database at
http://snip.wedi.org/tracking/.
Posting of advertisements or other commercial use of this listserv is
specifically prohibited.
**********************************************************************
To be removed from this list, go to: http://snip.wedi.org/unsubscribe.cfm?list=Business
and enter your email address.
The WEDI SNIP listserv to which you are subscribed is not moderated. The
discussions on this listserv therefore represent the views of the individual
participants, and do not necessarily represent the views of the WEDI Board of
Directors nor WEDI SNIP. If you wish to receive an official opinion, post
your question to the WEDI SNIP Issues Database at
http://snip.wedi.org/tracking/.
Posting of advertisements or other commercial use of this listserv is
specifically prohibited.
